|
Hello Team, Problem Statement : Unable to connect to SFTP server hosted on Microsoft Azure using openssh-client version 7.4p1 using Subsytem SFTP. Observation : We are unable to connect with SFTP server using public key authentication(same with password authentication). And getting following error : We are able to connect with the machine using our ssh-client.
After successful authentication, our client immediately send the message "type 1" to disconnect from the server as shown in logs attached. Other observations : We running through sftp utility, same user successfully connected with SFTP Server hosted on Azure. Logs attached
kiel1-med10:/home/ealekbl# sftp
stdmpingprivwesteu01p.emmuserpass@10.136.113.70 stdmpingprivwesteu01p.emmuserp@10.136.113.70's password: Connected to 10.136.113.70. sftp> exit Openssh 7.4p1 is connected successfully with sftp servers running on linux machines not hosted on Azure. Setup Details : client : openssh-client 7.4p1 running on RHEL SFTP Server : MS Azure (AzureSSH_1.0.0) Verbose Logs : kiel1-med1:/home/ealekbl# /opt/mediation/appl/SERVER/CXC1741717_R4N//lib/exe/ssh-client_7.4p1 -oForwardX11=no -oForwardAgent=no -oProtocol=2 -l stdmpingprivwesteu01p.emmuser -oIdentityFile=/home/mmsuper/.ssh/emmdata.pem -_oNumberOfPasswordPrompts_=1
-oPreferredAuthentications=publickey -oPubkeyAuthentication=yes -oRhostsAuthentication=no -oRhostsRSAAuthentication=no -oRSAAuthentication=no -oUserKnownHostsFile=/dev/null -oStrictHostKeyChecking=no -s -oport=22 -vvv -Z "Alive and kicking" 10.136.113.70 sftp OpenSSH_7.4p1, OpenSSL 1.0.2k 26 Jan 2017 debug2: resolving "10.136.113.70" port 22 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to 10.136.113.70 [10.136.113.70] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: key_load_public: No such file or directory debug1: identity file /home/mmsuper/.ssh/emmdata.pem type -1 debug1: key_load_public: No such file or directory debug1: identity file /home/mmsuper/.ssh/emmdata.pem-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_7.4 debug1: Remote protocol version 2.0, remote software version AzureSSH_1.0.0 debug1: no match: AzureSSH_1.0.0 debug2: fd 3 setting O_NONBLOCK debug1: Authenticating to 10.136.113.70:22 as 'stdmpingprivwesteu01p.emmuser' debug3: hostkeys_foreach: reading file "/dev/null" debug3: send packet: type 20 debug1: SSH2_MSG_KEXINIT sent debug3: receive packet: type 20 debug1: SSH2_MSG_KEXINIT received debug2: local client KEXINIT proposal debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@xxxxxxxxxx,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c debug2: ciphers ctos:
chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,aes128-cbc,aes192-cbc,aes256-cbc debug2: ciphers stoc:
chacha20-poly1305@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,aes128-cbc,aes192-cbc,aes256-cbc debug2: compression ctos: none,zlib@xxxxxxxxxxx,zlib debug2: compression stoc: none,zlib@xxxxxxxxxxx,zlib debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug2: peer server KEXINIT proposal debug2: KEX algorithms: ecdh-sha2-nistp384,ecdh-sha2-nistp256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group-exchange-sha256,ext-info-s debug2: host key algorithms: rsa-sha2-256,rsa-sha2-512,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384 debug2: ciphers ctos:
aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr debug2: ciphers stoc:
aes128-gcm@xxxxxxxxxxx,aes256-gcm@xxxxxxxxxxx,aes128-ctr,aes192-ctr,aes256-ctr debug2: MACs ctos: hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx debug2: MACs stoc: hmac-sha2-256,hmac-sha2-512,hmac-sha2-256-etm@xxxxxxxxxxx,hmac-sha2-512-etm@xxxxxxxxxxx debug2: compression ctos: none debug2: compression stoc: none debug2: languages ctos: debug2: languages stoc: debug2: first_kex_follows 0 debug2: reserved 0 debug1: kex: algorithm: ecdh-sha2-nistp256 debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: aes128-ctr MAC:
hmac-sha2-256-etm@xxxxxxxxxxx compression: none debug1: kex: client->server cipher: aes128-ctr MAC:
hmac-sha2-256-etm@xxxxxxxxxxx compression: none debug3: send packet: type 30 debug1: sending SSH2_MSG_KEX_ECDH_INIT debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug3: receive packet: type 31 debug1: Server host key: ecdsa-sha2-nistp256 SHA256:0WNMHmCNJE1YFBpHNeADuT5h+PfJ/jJPtUDHCxCSrO0 debug3: hostkeys_foreach: reading file "/dev/null" Warning: Permanently added '10.136.113.70' (ECDSA) to the list of known hosts. debug3: send packet: type 21 debug2: set_newkeys: mode 1 debug1: rekey after 4294967296 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug3: receive packet: type 21 debug1: SSH2_MSG_NEWKEYS received debug2: set_newkeys: mode 0 debug1: rekey after 4294967296 blocks debug2: key: /home/mmsuper/.ssh/emmdata.pem ((nil)), explicit debug3: send packet: type 5 debug3: receive packet: type 7 debug1: SSH2_MSG_EXT_INFO received debug3: receive packet: type 6 debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug3: send packet: type 50 debug3: receive packet: type 51 debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred publickey debug3: authmethod_lookup publickey debug3: remaining preferred: debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Trying private key: /home/mmsuper/.ssh/emmdata.pem debug3: sign_and_send_pubkey: RSA SHA256:achpp3Nli3MXyIAeJJuREpdXHtYpqVvOTl5YpUsO7hI debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 52 debug1: Authentication succeeded (publickey). Authenticated to 10.136.113.70 ([10.136.113.70]:22). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug3: send packet: type 90 debug1: Entering interactive session. debug1: pledge: network Alive and kickingdebug3: receive packet: type 91 debug2: callback start debug2: fd 3 setting TCP_NODELAY debug3: ssh_packet_set_tos: set IP_TOS 0x08 debug2: client_session2_setup: id 0 debug1: Sending subsystem: sftp debug2: channel 0: request subsystem confirm 1 debug3: send packet: type 98 debug2: callback done debug2: channel 0: open confirm rwindow 4294967295 rmax 262143 debug3: receive packet: type 99 debug2: channel_input_status_confirm: type 99 id 0 debug2: subsystem request accepted on channel 0 debug3: send packet: type 1 packet_write_wait: Connection to 10.136.113.70 port 22: Broken pipe kiel1-med1:/home/ealekbl# Is it some known issue or please do let us know the way forward to debug it. Is openssh 7.4p1 is compatible with AzureSSH_1.0.0? Regards, Deepti Sharma
From: Neeraj Gupta G <neeraj.g.gupta@xxxxxxxxxxxx>
Hi Deepti, We are working on a CSR regarding regarding issue in ssh connection with Azure sftp server from EM20. So can you please raise the query on openssh community. Query : Thanks, Neeraj Gupta |
